Privacy Policy — Spillit

Last updated: May 2026

      ✦ The short version: Spillit is built on anonymity. Your confessions are never linked to your name or identity. Creating an account is optional — it only exists to save your streak and progress across devices. You remain completely anonymous to every other user, whether you have an account or not.
    

🌿 What we collect

Spillit is designed to collect as little as possible. Here is everything we store:

Confession & reply content — the text you post, stored in our database. It contains no information that identifies you unless you choose to include it yourself.
An anonymous session token — a random ID stored as a cookie in your browser (spillit_sid). Used to track likes, reactions, and room membership. It contains no personal data and cannot be used to identify you to other users.
Your IP address — used temporarily in memory for rate limiting (to prevent spam). It is never stored in our database.
Category, timestamp, and country code — recorded when a confession is posted to support filtering and the local/global region toggle.
Media uploads — if you attach a photo or video, it is stored via Cloudinary. No personal metadata is extracted from media files.

If you choose to create an account (optional — see below), we also store the account data described in the next section.

🔐 Optional accounts & login

Spillit now offers an optional account system so you can save your streak, spills, and unlocks across devices. Creating an account is entirely voluntary — you can use Spillit forever as a guest without one.

Magic link (email login)

If you sign in with your email address, we store it in our database linked to your account.
We use it only to send your one-time login link. We never send marketing emails and never share it with third parties.
Login links expire in 15 minutes and can only be used once.
Your email is never visible to other users — we display only a masked version (e.g. j***@gmail.com) in your own account panel.

Social login (X / Discord / Snapchat)

If you sign in via X, Discord, or Snapchat, we receive only your account ID and display name from that platform. We do not access your posts, followers, messages, or any other data.
Your social handle is stored in our database and used only for account identity and our optional referral points system.
Your handle is never shown publicly on any confession or reply — other users cannot see which social account you used to log in.
You can unlink your social account at any time from your Profile.

What an account does and does not do

An account links your anonymous session to a persistent identity so your activity carries over when you switch devices or browsers.
It does not attach your name or identity to any individual confession or reply in a way that is visible to other users.
It does not grant us any additional data from your device beyond what is listed here.

🚫 What we never collect

Your real name
Your phone number
Your precise location or device fingerprint
Your browsing history or activity outside Spillit
Your social media posts, followers, or messages
Advertising identifiers or tracking pixels
Passwords — we use passwordless login only (magic links and OAuth)

🍪 Cookies

We use a single first-party cookie: spillit_sid. It is:

httpOnly — JavaScript on the page cannot read it
Signed — tamper-evident, server-verified
Anonymous by default — a random UUID with no connection to your identity unless you voluntarily create an account
Long-lived — expires after 1 year so your preferences and session persist

If you create an account, the same cookie is used to link your browsing session to your account on our server. No additional cookies are set.

We do not use advertising cookies, analytics cookies, or third-party tracking cookies.

📦 How data is used

The data we collect is used only to operate Spillit:

Confession content is displayed publicly in the feed or within the room it was posted to
The session token enforces one-like-per-person on confessions and replies
Reaction, reply, and like counts are public
Reported confessions are reviewed by our team for moderation
Country codes power the optional Global/Local region toggle
Account data (email or social handle) is used solely to authenticate you and save your progress across devices
Social handles linked to your account are used for the optional referral points system

We never sell, share, or transfer your data to third parties for advertising or any commercial purpose.

🏠 Rooms & communities

When you create or join a Room, your anonymous session ID is used to identify you as the creator (for moderation) and to track your membership. This session ID is not linked to your real identity in any way that is visible to other users.

Posts within private rooms are only visible to members of that room. Public rooms are visible to all users.

🗑️ Data retention & deletion

Confessions marked "Disappears in 24h" are automatically removed after 24 hours
Other confessions remain until deleted by our team following a report
If you have an account and wish to delete it, email us at privacy@usespillit.com — we will remove your account record and unlink all associated sessions within 7 business days
Because confessions carry no publicly visible identity, we cannot remove all content written by a specific person, but we can remove your account and email from our records upon request
Magic link tokens are single-use and expire after 15 minutes; expired tokens are purged from our database automatically
OAuth state tokens used during social login are deleted immediately after use

🌍 Third-party services

Spillit uses the following third-party services:

Resend — to send magic link login emails. When you request an email login, your email address is transmitted to Resend's API for delivery. Resend's privacy policy applies.
X (Twitter) OAuth — if you choose to sign in with X, you are redirected to X's login page. We receive only your X user ID and username. X's privacy policy applies to your interaction with their login page.
Discord OAuth — if you choose to sign in with Discord, we receive only your Discord user ID and username. Discord's privacy policy applies.
Snapchat Login Kit — if you choose to sign in with Snapchat, we receive only your Snapchat external ID and display name. Snap Inc.'s privacy policy applies.
Stripe — for optional paid features (boosts, tips). Payment is processed entirely by Stripe. We never see or store your card details. Stripe's privacy policy applies.
Cloudinary — for video uploads attached to confessions. Cloudinary's privacy policy applies.
Tenor (via Google) — for the GIF picker in rooms. Search queries are sent to Tenor's API. Tenor's privacy policy applies.
Google Fonts — to load typefaces. Your browser makes a request to Google's servers on page load. Google's privacy policy applies.

We use no advertising networks or analytics platforms.

👶 Children's privacy

Spillit is intended for users aged 13 and over. We do not knowingly collect information from children under 13. If you create an account and are under 13, please do not use the account system — you may continue to use Spillit as a guest. If you believe a child has submitted content, please use the Report button or contact us.

✉️ Contact

Questions about this privacy policy, account deletion requests, or any other privacy concerns? Reach out at privacy@usespillit.com. We'll do our best to respond within 5 business days.